From e37e86b5c5b969deeadf1fcaabcda1193216b20c Mon Sep 17 00:00:00 2001 From: Marco van Zijl Date: Tue, 11 Nov 2025 20:40:09 +0100 Subject: [PATCH] Refactor authentik values.yaml to streamline PostgreSQL configuration and enhance backup settings --- apps/authentik/values.yaml | 174 ++++++++++++++++++------------------- 1 file changed, 86 insertions(+), 88 deletions(-) diff --git a/apps/authentik/values.yaml b/apps/authentik/values.yaml index 3f6da72..58b0fb9 100644 --- a/apps/authentik/values.yaml +++ b/apps/authentik/values.yaml @@ -53,93 +53,91 @@ authentik: readOnly: true extraObjects: - - apiVersion: postgresql.cnpg.io/v1 - kind: Cluster - metadata: - name: authentik-pg-cluster - namespace: authentik - spec: - instances: 2 - postgresql: - parameters: - max_connections: "20" - shared_buffers: "25MB" - effective_cache_size: "75MB" - maintenance_work_mem: "6400kB" - checkpoint_completion_target: "0.9" - wal_buffers: "768kB" - default_statistics_target: "100" - random_page_cost: "1.1" - effective_io_concurrency: "300" - work_mem: "640kB" - huge_pages: "off" - max_wal_size: "128MB" - bootstrap: - initdb: - database: authentik - owner: authentik - secret: - name: authentik-pg-cluster-app - storage: - storageClass: ceph-block - size: 10Gi - resources: - requests: - cpu: 100m - memory: 100Mi - limits: - memory: 512Mi - plugins: - - enabled: true - name: barman-cloud.cloudnative-pg.io - isWALArchiver: true - parameters: - barmanObjectName: authentik-backup-store - - - apiVersion: barmancloud.cnpg.io/v1 - kind: ObjectStore - metadata: - name: authentik-backup-store - namespace: authentik - spec: - retentionPolicy: "30d" - configuration: - destinationPath: s3://postgresql-backups/authentik - endpointURL: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80 - s3Credentials: - accessKeyId: - name: authentik-pg-backup-creds - key: AWS_ACCESS_KEY_ID - secretAccessKey: - name: authentik-pg-backup-creds - key: AWS_SECRET_ACCESS_KEY - wal: - compression: bzip2 - data: - compression: bzip2 - - - apiVersion: postgresql.cnpg.io/v1 - kind: ScheduledBackup - metadata: - name: authentik-pg-backup - namespace: authentik - spec: - method: plugin - immediate: true - schedule: "0 30 3 * * *" # 03:30 daily - backupOwnerReference: self - cluster: - name: authentik-pg-cluster - pluginConfiguration: + - apiVersion: postgresql.cnpg.io/v1 + kind: Cluster + metadata: + name: authentik-pg-cluster + namespace: authentik + spec: + instances: 2 + postgresql: + parameters: + max_connections: "20" + shared_buffers: "25MB" + effective_cache_size: "75MB" + maintenance_work_mem: "6400kB" + checkpoint_completion_target: "0.9" + wal_buffers: "768kB" + default_statistics_target: "100" + random_page_cost: "1.1" + effective_io_concurrency: "300" + work_mem: "640kB" + huge_pages: "off" + max_wal_size: "128MB" + bootstrap: + initdb: + database: authentik + owner: authentik + storage: + storageClass: ceph-block + size: 10Gi + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + memory: 512Mi + plugins: + - enabled: true name: barman-cloud.cloudnative-pg.io + isWALArchiver: true + parameters: + barmanObjectName: authentik-backup-store - - apiVersion: objectbucket.io/v1alpha1 - kind: ObjectBucketClaim - metadata: - name: authentik-pg-backups - namespace: authentik - spec: - bucketName: postgresql-backups - storageClassName: ceph-bucket - additionalConfig: - maxSize: "50Gi" + - apiVersion: barmancloud.cnpg.io/v1 + kind: ObjectStore + metadata: + name: authentik-backup-store + namespace: authentik + spec: + retentionPolicy: "30d" + configuration: + destinationPath: s3://postgresql-backups/authentik + endpointURL: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80 + s3Credentials: + accessKeyId: + name: authentik-pg-backup-creds + key: AWS_ACCESS_KEY_ID + secretAccessKey: + name: authentik-pg-backup-creds + key: AWS_SECRET_ACCESS_KEY + wal: + compression: bzip2 + data: + compression: bzip2 + + - apiVersion: postgresql.cnpg.io/v1 + kind: ScheduledBackup + metadata: + name: authentik-pg-backup + namespace: authentik + spec: + method: plugin + immediate: true + schedule: "0 30 3 * * *" # 03:30 daily + backupOwnerReference: self + cluster: + name: authentik-pg-cluster + pluginConfiguration: + name: barman-cloud.cloudnative-pg.io + + - apiVersion: objectbucket.io/v1alpha1 + kind: ObjectBucketClaim + metadata: + name: authentik-pg-backups + namespace: authentik + spec: + bucketName: postgresql-backups + storageClassName: ceph-bucket + additionalConfig: + maxSize: "50Gi"